Perimeter

8/3/2010
03:51 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Merchant Link Announces End-To-End Encryption And Tokenization To Reduce PCI Burden

Solution secures both 'data in-flight' and 'data at rest'

SILVER SPRING, MD (August 3, 2010) -- As merchants face the ongoing challenge of PCI compliance and securing their customers’ credit card data, Merchant Link, a leader in the secure payment gateway market, today announces that it is offering a combined end-to-end encryption (E2EE) and tokenization solution which will dramatically lower the cost of attaining and maintaining PCI compliance.

Hotels, restaurants and retailers will now benefit from Merchant Link’s E2EE solution as well as the TransactionVault' tokenization solution. From the point of swipe to transaction completion, Merchant Link’s comprehensive solution secures both “data in-flight” and “data at rest,” meaning both stored credit card data and transaction data flowing through networks will be protected from hackers and cyber criminals. This both dramatically reduces risk of a breach and reduces PCI scope up to 81% based on the PCI Self-Assessment Guidelines.

“The new solution protects credit card data throughout the entire transaction life cycle,” said Dan Lane, Chief Technology Officer, Merchant Link. “Further, both end-to-end encryption and tokenization are expected to be key solutions highlighted in the October 2010 release of the next PCI DSS standard. The offering demonstrates our ongoing commitment to provide the highest level of security and service in the industry, allowing our customers to get out of the credit card business and focus on their core mission.”

Key Advantages:

ENCRYPTING WITHIN THE MSR / DECRYPTING OUTSIDE YOUR IT ENVIRONMENT: The new solution encrypts sensitive credit card information within the actual magnetic stripe reader (MSR) right at the point of swipe and as it travels through the merchant’s IT environment. Decryption occurs within Merchant Link’s hosted payment gateway, away from merchant systems and thus dramatically reduces the risk of compromised data.

COMBINING E2EE WITH NEXT GENERATION TOKENIZATION: Layering tokenization with end-to-end encryption greatly improves data security. Merchant Link’s TransactionVault tokenization solution uses tokens that distinguish themselves from others by remaining associated with the card. This allows the tokens to be tracked for all guest transactions, customer analytics, and marketing purposes. TransactionVault is in use at more than 15,000 restaurants, hotels and retail establishments and is the most widely adopted tokenization solution on the market.

FLEXIBILITY: The new solution is designed to integrate with any encrypting device, offering merchants flexibility in their hardware solutions. In addition, the Merchant Link Payment GatewayTM connects to all major credit card processors and offers merchants the freedom to switch between processors quickly, easily and efficiently, keeping them in control of their offerings and rates.

About Merchant Link

Merchant Link is a leading payments gateway company, providing PCI compliance, secure solutions, data transport services and comprehensive technology to merchants, software providers and credit card processors. Its premier product, TransactionVault', features next generation tokenization technology by replacing each card number with unique, multi-use tokens. Merchant Link currently supports more than 150,000 hotels, restaurants, retail stores, and other venues, and maintains connectivity to the major US payment card processors. Founded in 1993 and headquartered in Silver Spring, Md., Merchant Link handles more than 3 billion transactions for some of the world's best-known merchants. Further information is available at www.merchantlink.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
New Mirai Version Targets Business IoT Devices
Dark Reading Staff 3/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Reading Schneier's Friday Squid Blog again?
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.